Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
File: b6add1ab-b1b1-4863-813c-c831ef37c38c.roa (raw, json)
Hash identifier: Ras+46lx7evInRjchmn+cF8ZcL3dBRGsdhCkdHimxu8=
Subject key identifier: 42:71:F3:F3:75:07:CE:62:AE:00:A3:CD:FB:F8:A3:8D:9D:C0:AF:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C053E318450058A991EE68FD7B92850AE7E3D43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
Signing time: Mon 04 Sep 2023 00:00:00 +0000
ROA not before: Mon 04 Sep 2023 00:00:00 +0000
ROA not after: Mon 09 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Sep 2023 14:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:05:3e:31:84:50:05:8a:99:1e:e6:8f:d7:b9:28:50:ae:7e:3d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 00:00:00 2023 GMT
Not After : Oct 9 23:59:59 2023 GMT
Subject: serialNumber=b52b42f76306a2eaa42e47d602aba9719f412af3cbdadaff6e67319c3c7a8bb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8f:89:78:20:47:71:35:65:97:e6:22:b0:c0:
69:5c:24:ea:3f:db:cc:a7:a9:47:0e:4a:7a:6e:b2:
42:b9:d1:77:d6:c4:f5:ba:b4:d3:55:2b:2f:fd:d4:
11:cb:97:0d:f4:f1:f0:44:72:7a:8f:fb:16:de:36:
d1:be:b5:ff:4c:60:0a:f3:b2:fb:69:57:df:01:0f:
45:0e:59:2a:24:5b:0b:a5:8c:cc:a8:1a:f6:15:98:
06:dc:04:6a:07:b9:92:a1:be:b2:82:22:21:da:65:
9b:3b:7d:8a:2b:a3:da:56:b8:a0:e3:45:d0:2c:bf:
16:b3:7d:b6:cb:a0:15:b0:9b:25:37:1e:d2:d4:f0:
f4:81:99:8f:ed:66:e9:b5:36:d6:89:fd:12:35:87:
f3:3f:37:26:f6:ad:1a:9c:e4:50:70:af:56:42:5c:
eb:11:67:4d:a5:76:76:ae:a9:89:ba:57:9d:45:ec:
fe:3d:af:f2:01:30:78:6e:e3:33:33:42:61:96:7e:
2a:a8:f6:31:31:d9:f8:ef:85:16:0c:f8:05:79:25:
ce:15:29:0c:3e:98:4f:1c:b9:48:fc:97:94:49:8a:
00:81:ff:7d:4e:3a:9c:70:dc:e3:0a:05:ce:2e:08:
98:1b:c6:7f:93:d5:0d:43:ac:59:d4:da:07:4a:79:
b6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:71:F3:F3:75:07:CE:62:AE:00:A3:CD:FB:F8:A3:8D:9D:C0:AF:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
b7:72:33:ce:1a:6d:f5:b8:46:33:fe:8f:21:50:bf:36:2a:40:
14:a6:a3:b9:c1:fa:95:c5:07:bf:34:07:98:b7:e5:92:68:6c:
61:92:c9:90:a8:a0:d9:2d:c9:f8:3e:6b:e3:57:f4:af:16:e6:
2a:8d:dd:10:d3:93:14:3e:7c:63:8a:9f:6d:e0:21:3a:8a:fd:
36:5e:d6:4e:c1:a5:f4:de:a6:ab:32:b3:38:2c:51:f8:32:c2:
13:73:35:b6:34:f4:36:92:80:a2:5f:35:de:77:45:19:1a:8e:
72:1d:81:b7:50:26:ca:05:1b:65:00:23:17:ea:9d:30:6b:22:
02:b4:38:87:83:5a:cb:b4:e5:e9:11:a5:98:fe:2e:e1:de:08:
32:9b:5c:88:1d:72:9e:40:2c:17:62:16:1f:5a:c3:a4:26:de:
55:cf:4f:2d:c9:e1:5b:b6:19:52:ab:c8:dc:f7:45:d8:da:f2:
67:81:cd:12:a2:30:8b:80:5f:32:fd:46:8e:c5:6f:f1:12:b7:
7b:37:a4:8b:cd:8a:9d:ca:66:ab:1f:af:ec:7b:54:fb:38:6a:
b6:e8:d4:e8:02:73:6f:7c:4a:ff:a0:3d:38:26:6a:fc:b6:8e:
d8:5d:cc:18:b6:df:c0:18:a8:02:4b:ea:12:7b:99:46:0b:32:
5e:80:23:11
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPAU+MYRQBYqZHuaP17koUK5+PUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDQwMDAwMDBaFw0yMzEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MmI0MmY3NjMwNmEyZWFhNDJlNDdkNjAyYWJhOTcxOWY0MTJhZjNjYmRh
ZGFmZjZlNjczMTljM2M3YThiYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqPiXggR3E1ZZfmIrDAaVwk6j/bzKepRw5Kem6yQrnRd9bE9bq001UrL/3U
EcuXDfTx8ERyeo/7Ft420b61/0xgCvOy+2lX3wEPRQ5ZKiRbC6WMzKga9hWYBtwE
age5kqG+soIiIdplmzt9iiuj2la4oONF0Cy/FrN9tsugFbCbJTce0tTw9IGZj+1m
6bU21on9EjWH8z83JvatGpzkUHCvVkJc6xFnTaV2dq6pibpXnUXs/j2v8gEweG7j
MzNCYZZ+Kqj2MTHZ+O+FFgz4BXklzhUpDD6YTxy5SPyXlEmKAIH/fU46nHDc4woF
zi4ImBvGf5PVDUOsWdTaB0p5tuUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRCcfPz
dQfOYq4Ao837+KONncCvBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZhZGQxYWItYjFiMS00ODYzLTgxM2MtYzgzMWVmMzdjMzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBALdyM84abfW4RjP+jyFQvzYqQBSmo7nB+pXFB780
B5i35ZJobGGSyZCooNktyfg+a+NX9K8W5iqN3RDTkxQ+fGOKn23gITqK/TZe1k7B
pfTepqsyszgsUfgywhNzNbY09DaSgKJfNd53RRkajnIdgbdQJsoFG2UAIxfqnTBr
IgK0OIeDWsu05ekRpZj+LuHeCDKbXIgdcp5ALBdiFh9aw6Qm3lXPTy3J4Vu2GVKr
yNz3Rdja8meBzRKiMIuAXzL9Ro7Fb/ESt3s3pIvNip3KZqsfr+x7VPs4arbo1OgC
c298Sv+gPTgmavy2jthdzBi238AYqAJL6hJ7mUYLMl6AIxE=
-----END CERTIFICATE-----
Generated at Mon Sep 4 15:38:31 2023 by rpki-client on console-fra.rpki-client.org